Device Identities – What and Why?

ControlThings offers a middleware technology for authentication and secure communication between devices. If you are a solution provider, you can embed our technology on each participating device, and our middleware will take care of the rest, covering everything from creating device identities to large scale orchestration of access management and secure communication channels. ControlThings provides the tools for creating an intuitive and transparent end user experience, without the need of traditional authentication methods like tokens, API keys and username/password.

Pairing

Too many passwords to handle? Reusing them? Unchanged old passwords? Default passwords?
Password based security is generally considered weak and the industry is actively moving towards better systems. As an example of this, the state of California has recognized the weakness of password authentication and decided to ban all default passwords on devices from the year 2020.

The Identity Pairing technique offers better security through certificate based cryptography, as well as an intuitive end user experience. No passwords to remember, and the hidden cryptographic keys provide much stronger security. Also, no sensitive data is ever sent over insecure channels for authentication.

Securing the Edge in Industry 4.0

Critical system integrations like in a mill environment or in a vehicle cannot rely solely on cloud-level integrations. Edge level peer-to-peer integrations are required for reduced latency, increased throughput and more reliable networking.

With ControlThings’ tools and white label middleware, the edge peer-to-peer connections are easy to commission and access management is remotely orchestrated in realtime.

Audit Trails - Cover Your Back with Recorded Evidences

A customer may deny that he used a service specified on the invoice. Can you be confident that logged records are authentic, or could the file potentially have been manipulated? With digitally signed log records, you can prove who did what. This is called non-repudiation.

Like in police registers, medical records and fintech databases users are required to digitally sign commands for accessing or storing data, or for triggering sensitive actions.

This middleware can be used for recording indisputable log files, and you can hold your clients liable for their own acts.

Neutral Authentication for Inter-Organisational Ecosystems

Have you noticed that the competition of ecosystem ownership has led to more ecosystems? Don't you think some central authority will control the whole value chain communication in every domain?

Digital Identities provide a neutral way to securely connect with partners, while avoiding the situation where `a central authority has control over the whole ecosystem`. No predefined root of trust is required, as the identities can be locally generated, and securely connect with each other in a co-equal manner. The Digital Identities provide self-determination.

Use existing IAMs

ControlThings technology relies on external IAMs and existing social relations for first-time identification. This means authenticating the identity of the applicant for identification when the certificate is issued or pairing is made.

Corporate user accounts, government issued digital IDs or sim cards from telecom operators are examples of account types that can anchor your own Digital Identity, and make it more trustworthy.

Trust anchoring requires the ControlThings technology to run as a legacy authenticated service for issuing certificates to the Device Identities, for instance to authenticated users on the corporate domain. The benefit is that every identity can obtain certificates from several environments for achieving a single-sign-on (SSO) experience.

Trust the Certified Networks

How can a machine owner be sure that a remote assistance feature in his/her machine is not being abused?

For enabling remote assistance he/she grants access to still unknown identities, provided they can expose credible digital certificates issued by someone he/she already trusts. When someone connects, his/her identity, certificates and actions are recorded by the machine.

Quicker Development

Reduced time-to-market with off-the-shelf cybersecurity technology that lets you focus on your solution instead of wasting your time on complicated security issues.

Stronger Security

Avoid tokens, API keys and passwords that can be sniffed or phished. Provide non-disputable proof of who performed sensitive actions.

Better User Experience

All systems are reachable from one place, with a single sign on. No new usernames, less passwords to remember. Intuitive pairing.

Contact us

Drop us a line or give us a ring. We love to hear from you and are happy to answer any questions.